1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
|
import os
import platform
import stat
try:
import unittest2 as unittest
except ImportError:
import unittest
#from leap.base import constants
#from leap.eip import config as eip_config
from leap.testing.basetest import BaseLeapTest
from leap.util.fileutil import mkdir_p
_system = platform.system()
class EIPConfigTest(BaseLeapTest):
__name__ = "eip_config_tests"
def setUp(self):
pass
def tearDown(self):
pass
#
# helpers
#
def touch_exec(self):
path = os.path.join(
self.tempdir, 'bin')
mkdir_p(path)
tfile = os.path.join(
path,
'openvpn')
open(tfile, 'wb').close()
os.chmod(tfile, stat.S_IRUSR | stat.S_IWUSR | stat.S_IXUSR)
def get_expected_openvpn_args(self):
args = []
username = self.get_username()
groupname = self.get_groupname()
args.append('--client')
args.append('--dev')
#does this have to be tap for win??
args.append('tun')
args.append('--persist-tun')
args.append('--persist-key')
args.append('--remote')
args.append('testprovider.example.org')
# XXX get port!?
args.append('1194')
# XXX get proto
args.append('udp')
args.append('--tls-client')
args.append('--remote-cert-tls')
args.append('server')
args.append('--user')
args.append(username)
args.append('--group')
args.append(groupname)
args.append('--management-client-user')
args.append(username)
args.append('--management-signal')
args.append('--management')
#XXX hey!
#get platform switches here!
args.append('/tmp/.eip.sock')
args.append('unix')
# certs
# XXX get values from specs?
args.append('--cert')
args.append(os.path.join(
self.home,
'.config', 'leap', 'providers',
'testprovider.example.org',
'keys', 'client',
'openvpn.pem'))
args.append('--key')
args.append(os.path.join(
self.home,
'.config', 'leap', 'providers',
'testprovider.example.org',
'keys', 'client',
'openvpn.pem'))
args.append('--ca')
args.append(os.path.join(
self.home,
'.config', 'leap', 'providers',
'testprovider.example.org',
'keys', 'ca',
'testprovider-ca-cert.pem'))
return args
# build command string
# these tests are going to have to check
# many combinations. we should inject some
# params in the function call, to disable
# some checks.
def test_build_ovpn_command_empty_config(self):
self.touch_exec()
from leap.eip import config as eipconfig
from leap.util.fileutil import which
path = os.environ['PATH']
vpnbin = which('openvpn', path=path)
print 'path =', path
print 'vpnbin = ', vpnbin
command, args = eipconfig.build_ovpn_command(
do_pkexec_check=False, vpnbin=vpnbin)
self.assertEqual(command, self.home + '/bin/openvpn')
self.assertEqual(args, self.get_expected_openvpn_args())
if __name__ == "__main__":
unittest.main()
|
